Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted: 09-05-2024 15:53
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240220-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240426-en
11 signatures
150 seconds
General
Target
file.exe
Size
527KB
MD5
144e3fc197d288b006018a06681636eb
SHA1
82bc88c1799ade03d1dcecb8b13653c0aa90f475
SHA256
75997a0972431bc5e7a704b53cd1a000bf6f1f51c31f2ef32b3af38f120ccfce
SHA512
def371308bbde6c659c4b72a5d144bb9149931ec985ae2ccfe68cbb7acc6d15446cb917e4799908dfa4b65dae77a01980c5f52e6f80a3d39586039827d03cb40
SSDEEP
12288:vJYO+vkfgJbreygSCTUPAKRccEedsTm0eynOpWcDMvH0Xp:vJYmfgdRwedsTTPnfcDMvU
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | process | target process
2900 | 2908 | WerFault.exe | file.exe
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exe
description | pid | process | target process
PID 2908 wrote to memory of 2900 | 2908 | file.exe | WerFault.exe
PID 2908 wrote to memory of 2900 | 2908 | file.exe | WerFault.exe
PID 2908 wrote to memory of 2900 | 2908 | file.exe | WerFault.exe
PID 2908 wrote to memory of 2900 | 2908 | file.exe | WerFault.exe